Stories by Paul Brusil

Common Criteria for Increasing Confidence

In the wake of recent denial-of-service attacks, companies are spending millions on security gear. But can you be confident the products will work as advertised? To ensure a positive answer to this question, vendors including Cisco Systems Inc., Check Point Software Technologies Ltd., Lucent Technologies Inc., IBM Corp. and Oracle Corp. have begun specifying the security features of their products according to the Common Criteria (CC) - a new security standard that provides a common way to state both consumers' security needs and products' security specifications. These products are then tested at a new breed of accredited commercial security testing labs, which independently verify - at a specific level of confidence - that the products conform to their security claims.